on 6-26-2009 12:27 AM Sorin Srbu spake the following:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On
Behalf
Of Les Mikesell Sent: Thursday, June 25, 2009 5:55 PM To: CentOS mailing list Subject: Re: [CentOS] Web photo gallery options
Seems like I also did not mention it must be free, as in not costing anything. 8-)
Though I dream of a six-disk NAS filled with 1TB-drives... 8-/
The point of these devices is that the cost ends up being negative compared to running stuff on a full-featured computer powered up all the time. Plus, they integrate the media server, so upnp/DLNA clients like the PS3/Xbox360 and an increasing number of network-connected TV's can view the same pictures with their built in protocol without yet another setup.
That might be interesting if you have all that flashy TV:s and stuff. My computer-based PVR, running WinXP works fine, as does my Xboxes.
Anyway, I installed Gallery2 yesterday evening and finished up way late. It works sort of. I feel I need to read up on security best-practices with regard to mysql and also how to deny folder listings. As it is now I think mysql is seriously insecure for world access, and the folder listing shows the gallery2 contents to the world. I'll look into it this weekend.
Thanks all who suggested and hinted me!
If mysql and the gallery soft ware are on the same server, then you don't need to open up mysql to the world. The gallery software should be able to access the DB over the localhost address, and you could firewall off outside access to mysql.
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Scott Silva Sent: Friday, June 26, 2009 7:50 PM To: centos@centos.org Subject: Re: [CentOS] Web photo gallery options [Solved]
Anyway, I installed Gallery2 yesterday evening and finished up way late. It works sort of. I feel I need to read up on security best-practices with regard to mysql and also how to deny folder listings. As it is now I think mysql is seriously insecure for world access, and the folder listing shows the gallery2 contents to the world. I'll look into it this weekend.
If mysql and the gallery soft ware are on the same server, then you don't need to open up mysql to the world. The gallery software should be able to access the DB over the localhost address, and you could firewall off outside access to mysql.
Yupp, that's what I did.
I had some other problems with a folder listing being visible for some reason on someurl.com/gallery2, so I ended up installing Gallery1 instead, but this one couldn't process any pictures because it though Image Magick and/or Netpbm wasn't installed (it was...), but the folder listings weren't there at least. I'll probably end up installing Gallery2 anyway. Need to read up on mysql and apache some more though, it might be a good idea anyway. The whole thing is resting right now. 8-)
Thanks for the hint though.
-
Scott Silva -
Sorin Srbu